Skip to main content
Redhat Developers  Logo
  • Products

    Featured

    • Red Hat Enterprise Linux
      Red Hat Enterprise Linux Icon
    • Red Hat OpenShift AI
      Red Hat OpenShift AI
    • Red Hat Enterprise Linux AI
      Linux icon inside of a brain
    • Image mode for Red Hat Enterprise Linux
      RHEL image mode
    • Red Hat OpenShift
      Openshift icon
    • Red Hat Ansible Automation Platform
      Ansible icon
    • Red Hat Developer Hub
      Developer Hub
    • View All Red Hat Products
    • Linux

      • Red Hat Enterprise Linux
      • Image mode for Red Hat Enterprise Linux
      • Red Hat Universal Base Images (UBI)
    • Java runtimes & frameworks

      • JBoss Enterprise Application Platform
      • Red Hat build of OpenJDK
    • Kubernetes

      • Red Hat OpenShift
      • Microsoft Azure Red Hat OpenShift
      • Red Hat OpenShift Virtualization
      • Red Hat OpenShift Lightspeed
    • Integration & App Connectivity

      • Red Hat Build of Apache Camel
      • Red Hat Service Interconnect
      • Red Hat Connectivity Link
    • AI/ML

      • Red Hat OpenShift AI
      • Red Hat Enterprise Linux AI
    • Automation

      • Red Hat Ansible Automation Platform
      • Red Hat Ansible Lightspeed
    • Developer tools

      • Red Hat Trusted Software Supply Chain
      • Podman Desktop
      • Red Hat OpenShift Dev Spaces
    • Developer Sandbox

      Developer Sandbox
      Try Red Hat products and technologies without setup or configuration fees for 30 days with this shared Openshift and Kubernetes cluster.
    • Try at no cost
  • Technologies

    Featured

    • AI/ML
      AI/ML Icon
    • Linux
      Linux Icon
    • Kubernetes
      Cloud icon
    • Automation
      Automation Icon showing arrows moving in a circle around a gear
    • View All Technologies
    • Programming Languages & Frameworks

      • Java
      • Python
      • JavaScript
    • System Design & Architecture

      • Red Hat architecture and design patterns
      • Microservices
      • Event-Driven Architecture
      • Databases
    • Developer Productivity

      • Developer productivity
      • Developer Tools
      • GitOps
    • Secure Development & Architectures

      • Security
      • Secure coding
    • Platform Engineering

      • DevOps
      • DevSecOps
      • Ansible automation for applications and services
    • Automated Data Processing

      • AI/ML
      • Data Science
      • Apache Kafka on Kubernetes
      • View All Technologies
    • Start exploring in the Developer Sandbox for free

      sandbox graphic
      Try Red Hat's products and technologies without setup or configuration.
    • Try at no cost
  • Learn

    Featured

    • Kubernetes & Cloud Native
      Openshift icon
    • Linux
      Rhel icon
    • Automation
      Ansible cloud icon
    • Java
      Java icon
    • AI/ML
      AI/ML Icon
    • View All Learning Resources

    E-Books

    • GitOps Cookbook
    • Podman in Action
    • Kubernetes Operators
    • The Path to GitOps
    • View All E-books

    Cheat Sheets

    • Linux Commands
    • Bash Commands
    • Git
    • systemd Commands
    • View All Cheat Sheets

    Documentation

    • API Catalog
    • Product Documentation
    • Legacy Documentation
    • Red Hat Learning

      Learning image
      Boost your technical skills to expert-level with the help of interactive lessons offered by various Red Hat Learning programs.
    • Explore Red Hat Learning
  • Developer Sandbox

    Developer Sandbox

    • Access Red Hat’s products and technologies without setup or configuration, and start developing quicker than ever before with our new, no-cost sandbox environments.
    • Explore Developer Sandbox

    Featured Developer Sandbox activities

    • Get started with your Developer Sandbox
    • OpenShift virtualization and application modernization using the Developer Sandbox
    • Explore all Developer Sandbox activities

    Ready to start developing apps?

    • Try at no cost
  • Blog
  • Events
  • Videos

Announcing Cryostat 2.0: JDK Flight Recorder for containers

October 18, 2021
Andrew Azores Janelle Law Hareet Dhillon
Related topics:
ContainersJavaKubernetes
Related products:
Red Hat OpenShift

Share:

    Cryostat is a container-native JVM application that provides a secure API for profiling and monitoring containers with JDK Flight Recorder (JFR). JDK Flight Recorder collects profiling and diagnostic data from applications using JFR events stored in binary flight recordings. When requested, Cryostat can retrieve, store, and analyze flight recordings from containerized Java virtual machines (JVMs) to assess overall application health. Users can download recording files and upload them to JDK Mission Control (JMC) or Grafana for further analysis.

    This article introduces Cryostat and shares new features in the 2.0 release, including example use cases, tips for getting started, and additional release notes. For more information about Cryostat fundamentals, visit Introduction to Cryostat: JDK Flight Recorder for containers.

    Read the series

    Read all of the articles in this series of hands-on guides to using Cryostat 2.0:

    • Part 1: Get started with Cryostat 2.0
    • Part 2: Configuring Java applications to use Cryostat
    • Part 3: Java monitoring for custom targets with Cryostat
    • Part 4: Automating JDK Flight Recorder in containers
    • Part 5: Creating Custom JFR event templates with Cryostat 2.0

    Note: The Red Hat build of Cryostat 2.0 is now widely available in technology preview. The Red Hat build includes the Cryostat Operator to simplify and automate Cryostat deployment on OpenShift.

    Using Cryostat with JDK Flight Recorder

    Cryostat is compatible with JVMs that (1) can accept incoming JMX connections, and (2) include JDK Flight Recorder. This includes OpenJDK and most downstream builds or distributions of OpenJDK, such as Red Hat OpenJDK and Adoptium OpenJDK.

    The JDK Mission Control desktop-only application requires users to retrieve flight recordings on a local disk. When bare-metal JDK Flight Recorder writes recordings to the local file system inside a container, those recordings are lost when the container restarts. A complicated and likely insecure workaround would involve establishing a direct connection between a desktop workstation and the containerized JVMs in the cloud over Java Management Extensions (JMX).

    Cryostat securely retrieves and stores flight recordings from containerized JVMs, so users can access these recordings over HTTP/HTTPS. Cryostat’s low overhead during both profiling and continuous monitoring allows users to monitor application performance in production. Users can start recordings with built-in or custom event templates in multiple JVMs at once.

    Use cases for Cryostat 2.0

    Example use cases for Cryostat 2.0 include automated rules, batch retrieval of JDK Flight Recorder data, and custom target definitions and support for non-RMI JMX connectors. We'll write more about each of these use cases in future articles.

    Highlights of the 2.0 release

    We've added the following major new features in Cryostat 2.0:

    • Cryostat Operator: Cryostat is now offered as an OpenShift Operator, also in tech preview, available from the OperatorHub on OpenShift 4.6 and higher. The Cryostat Operator eases configuration and deployment of Cryostat into your OpenShift namespaces and provides an OpenShift custom resource interface to the Cryostat API, enabling you to build more integrations with other OpenShift Operators and services in more flexible ways.
    • Automated rules: A common use case for Cryostat is to enable continuous monitoring, or other JFR event templates, to all or some subset of JVMs in the target application. Automated rule definitions allow users to specify what kinds of JVMs should be triggered on—using criteria like port number, OpenShift annotations, OpenShift labels, or JVM alias—along with what kind of JDK Flight Recorder events should be recorded, and how often the JFR data should be copied from each target into the Cryostat archive.
    • Batch operations: Another common use case for Cryostat is to retrieve all JFR data from a set of target JVMs when some external event occurs. In Cryostat 1.0, a client would need to observe the external event and then fire N HTTP requests to Cryostat to retrieve JFR data from each of the N target applications. In Cryostat 2.0, a shorthand allows clients to fire one HTTP request and prompt Cryostat to retrieve data from a set of targets into the Cryostat archives. The client can then download the JFR data from Cryostat as needed.
    • Custom targets: Users can now create target definitions manually, rather than relying upon Cryostat's platform-tailored JVM discovery mechanisms.

    Keep an eye out for upcoming articles highlighting and demonstrating these features.

    How to get started with Cryostat 2.0

    Install the Cryostat Operator to deploy Cryostat on OpenShift or another Kubernetes cluster. Check out the following links for installation and usage instructions:

    • The recommended installation guide at cryostat.io.
    • Our guide to manual Cryostat installation and setup for testing and demonstration purposes.
    • Get started with the Cryostat web UI at cryostat.io.
    • The Cryostat API usage guide: HTTP_API.md.
    • The Cryostat README.

    Additional 2.0 features

    There are a few other minor new features in Cryostat 2.0:

    • Client-defined connection protocols: Allow Cryostat to communicate with target JVMs using different JMX protocol implementations (see pull request #482 for details).
    • POST /api/v2/certificates: Upload an SSL certificate to trust when connecting to target JVMs.
    • GET /api: List all API operations.
    • Push notifications for Cryostat operations.

    Breaking changes since Cryostat 1.0

    The Cryostat 2.0 release brings some breaking changes since version 1.0. We felt these changes were necessary as Cryostat matures into a full-fledged product that can best serve our users’ diverse needs.

    Removal of the interactive command channel

    The interactive command channel has been replaced with a one-way WebSocket notifications channel. Cryostat was initially implemented as an interactive-mode utility with user actions limited to a set of pre-defined commands. This functionality was later extended to allow remote network access using WebSocket, resulting in the command channel. However, now that all of the command channel functionality has been ported over to the HTTP API, the channel has been adapted to instead provide one-way notifications to any targets connected to the Cryostat instance.

    Removal of event specifier strings

    Previously, users were able to specify JDK Flight Recorder events to be monitored during a recording using event specifier string syntax (such as jdk.SomeEvent:optionName=value;jdk.AnotherEvent:secondOption=value2;...). Now, you can specify events during recording creation by providing the JDK Flight Recorder event template name. Users can pick from a variety of standard templates or upload their own custom templates to Cryostat. Because they consist of XML, templates are easier to create, edit, validate, and share, and are also interoperable, as they are the standard JDK format.

    Conclusion

    The tech preview release of Cryostat 2.0 lets you monitor containerized JVMs on an OpenShift or Kubernetes cluster. Furthermore, you can create, manage, and download JDK Flight Recorder recordings for analysis in JDK Mission Control or Grafana. To learn more about Cryostat 2.0, visit the Cryostat homepage, cryostat.io, and feel free to join our mailing list to connect to the upstream community.

    Last updated: September 26, 2024

    Related Posts

    • Introduction to Cryostat: JDK Flight Recorder for containers

    • Get started with JDK Flight Recorder in OpenJDK 8u

    • Set up JDK Mission Control with Red Hat Build of OpenJDK

    Recent Posts

    • Create and enrich ServiceNow ITSM tickets with Ansible Automation Platform

    • Expand Model-as-a-Service for secure enterprise AI

    • OpenShift LACP bonding performance expectations

    • Build container images in CI/CD with Tekton and Buildpacks

    • How to deploy OpenShift AI & Service Mesh 3 on one cluster

    Red Hat Developers logo LinkedIn YouTube Twitter Facebook

    Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform

    Build

    • Developer Sandbox
    • Developer Tools
    • Interactive Tutorials
    • API Catalog

    Quicklinks

    • Learning Resources
    • E-books
    • Cheat Sheets
    • Blog
    • Events
    • Newsletter

    Communicate

    • About us
    • Contact sales
    • Find a partner
    • Report a website issue
    • Site Status Dashboard
    • Report a security problem

    RED HAT DEVELOPER

    Build here. Go anywhere.

    We serve the builders. The problem solvers who create careers with code.

    Join us if you’re a developer, software engineer, web designer, front-end designer, UX designer, computer scientist, architect, tester, product manager, project manager or team lead.

    Sign me up

    Red Hat legal and privacy links

    • About Red Hat
    • Jobs
    • Events
    • Locations
    • Contact Red Hat
    • Red Hat Blog
    • Inclusion at Red Hat
    • Cool Stuff Store
    • Red Hat Summit
    © 2025 Red Hat

    Red Hat legal and privacy links

    • Privacy statement
    • Terms of use
    • All policies and guidelines
    • Digital accessibility

    Report a website issue